ci: use local registry for all base images

Switch from mirror.gcr.io to local registry (10.100.9.70:5000):
- All CI step images now pull from local registry
- Dockerfile base images pull from local registry
- No more external pulls during builds
- Daily cron job updates local cache from Google mirror

Images cached locally:
- node:22-alpine, node:22-slim, node:20-alpine
- php:8.4-cli-alpine, php:8.3-fpm-alpine
- composer:2.8, nginx:alpine, busybox
- laravel-test-runner, drone-cache, kubectl, kaniko

.woodpecker/.ci.yml

@@ -26,7 +26,7 @@ when:
 # The default clone was failing with "could not read Username"
 clone:
   git:
-    image: woodpeckerci/plugin-git
+    image: 10.100.9.70:5000/plugin-git
     settings:
       depth: 50
       lfs: false
@@ -39,7 +39,7 @@ steps:
 
   # Restore Composer cache
   restore-composer-cache:
-    image: mirror.gcr.io/meltwater/drone-cache:dev
+    image: 10.100.9.70:5000/meltwater/drone-cache:dev
     settings:
       backend: "filesystem"
       restore: true
@@ -52,7 +52,7 @@ steps:
 
   # Install dependencies (uses pre-built Laravel image with all extensions)
   composer-install:
-    image: mirror.gcr.io/kirschbaumdevelopment/laravel-test-runner:8.3
+    image: 10.100.9.70:5000/kirschbaumdevelopment/laravel-test-runner:8.3
     depends_on:
       - restore-composer-cache
     commands:
@@ -86,7 +86,7 @@ steps:
 
   # Rebuild Composer cache (only on merge builds, not PRs)
   rebuild-composer-cache:
-    image: mirror.gcr.io/meltwater/drone-cache:dev
+    image: 10.100.9.70:5000/meltwater/drone-cache:dev
     depends_on:
       - composer-install
     settings:
@@ -108,7 +108,7 @@ steps:
 
   # PHP Syntax Check - Uses parallel-lint for 5-10x speed improvement
   php-lint:
-    image: mirror.gcr.io/kirschbaumdevelopment/laravel-test-runner:8.3
+    image: 10.100.9.70:5000/kirschbaumdevelopment/laravel-test-runner:8.3
     depends_on:
       - composer-install
     commands:
@@ -120,7 +120,7 @@ steps:
 
   # Run Laravel Pint (code style)
   code-style:
-    image: mirror.gcr.io/kirschbaumdevelopment/laravel-test-runner:8.3
+    image: 10.100.9.70:5000/kirschbaumdevelopment/laravel-test-runner:8.3
     depends_on:
       - composer-install
     commands:
@@ -134,7 +134,7 @@ steps:
   # Note: Uses array cache/session for speed and isolation (Laravel convention)
   # Uses external Redis (redis.spdy.io) and local Reverb for broadcasting tests
   tests:
-    image: mirror.gcr.io/kirschbaumdevelopment/laravel-test-runner:8.3
+    image: 10.100.9.70:5000/kirschbaumdevelopment/laravel-test-runner:8.3
     depends_on:
       - composer-install
     when:
@@ -186,7 +186,7 @@ steps:
   # Validate migrations before deployment
   # Only runs pending migrations - never fresh or seed
   validate-migrations:
-    image: mirror.gcr.io/kirschbaumdevelopment/laravel-test-runner:8.3
+    image: 10.100.9.70:5000/kirschbaumdevelopment/laravel-test-runner:8.3
     depends_on:
       - composer-install
     environment:
@@ -225,7 +225,7 @@ steps:
   # Uses Kaniko for daemonless builds (no DNS issues like BuildX)
   # Uses local registry (10.100.9.70:5000) - accessible from k8s internal network
   build-image-dev:
-    image: gcr.io/kaniko-project/executor:debug
+    image: 10.100.9.70:5000/kaniko-project/executor:debug
     depends_on:
       - composer-install
     commands:
@@ -253,7 +253,7 @@ steps:
 
   # Auto-deploy to dev.cannabrands.app (develop branch only)
   deploy-dev:
-    image: mirror.gcr.io/bitnami/kubectl:latest
+    image: 10.100.9.70:5000/bitnami/kubectl:latest
     depends_on:
       - build-image-dev
     environment:
@@ -292,7 +292,7 @@ steps:
   # Build and push Docker image for PRODUCTION (master branch)
   # Uses Kaniko for daemonless builds (no DNS issues like BuildX)
   build-image-production:
-    image: gcr.io/kaniko-project/executor:debug
+    image: 10.100.9.70:5000/kaniko-project/executor:debug
     depends_on:
       - composer-install
     commands:
@@ -316,7 +316,7 @@ steps:
 
   # Deploy to production (master branch)
   deploy-production:
-    image: mirror.gcr.io/bitnami/kubectl:latest
+    image: 10.100.9.70:5000/bitnami/kubectl:latest
     depends_on:
       - build-image-production
     environment:
@@ -346,7 +346,7 @@ steps:
   # Build and push Docker image for tagged releases (optional versioned releases)
   # Uses Kaniko for daemonless builds (no DNS issues like BuildX)
   build-image-release:
-    image: gcr.io/kaniko-project/executor:debug
+    image: 10.100.9.70:5000/kaniko-project/executor:debug
     depends_on:
       - composer-install
     commands:
@@ -368,7 +368,7 @@ steps:
 
   # Success notification
   success:
-    image: mirror.gcr.io/library/alpine:latest
+    image: 10.100.9.70:5000/library/alpine:latest
     when:
       - evaluate: 'CI_PIPELINE_STATUS == "success"'
     commands:
@@ -436,7 +436,7 @@ steps:
 # Services for tests (optimized for CI speed)
 services:
   postgres:
-    image: mirror.gcr.io/library/postgres:15
+    image: 10.100.9.70:5000/library/postgres:15
     environment:
       POSTGRES_USER: testing
       POSTGRES_PASSWORD: testing

Dockerfile

@@ -3,8 +3,7 @@
 # ============================================
 
 # ==================== Stage 1: Node Builder ====================
-# Use local registry to avoid Docker Hub rate limits and DNS issues
-FROM 10.100.9.70:5000/node:22-alpine AS node-builder
+FROM 10.100.9.70:5000/library/node:22-alpine AS node-builder
 
 WORKDIR /app
 
@@ -36,10 +35,10 @@ RUN npm run build
 
 # ==================== Stage 2: Composer Builder ====================
 # Pin to PHP 8.4 - composer:2 uses latest PHP which may not be supported by dependencies yet
-FROM 10.100.9.70:5000/php:8.4-cli-alpine AS composer-builder
+FROM 10.100.9.70:5000/library/php:8.4-cli-alpine AS composer-builder
 
-# Install Composer from local registry
-COPY --from=10.100.9.70:5000/composer:2.8 /usr/bin/composer /usr/bin/composer
+# Install Composer
+COPY --from=10.100.9.70:5000/library/composer:2.8 /usr/bin/composer /usr/bin/composer
 
 WORKDIR /app
 
@@ -61,7 +60,7 @@ RUN composer install \
     --optimize-autoloader
 
 # ==================== Stage 3: Production Runtime ====================
-FROM 10.100.9.70:5000/php:8.3-fpm-alpine
+FROM 10.100.9.70:5000/library/php:8.3-fpm-alpine
 
 LABEL maintainer="CannaBrands Team"